fix(finos#1658): CVE-2017-18640 - High Severity Vulnerability

Uses require as: > Implies that the selected version cannot be lower than what require accepts but could be higher through conflict resolution, even if higher has an exclusive higher bound. > > https://docs.gradle.org/current/userguide/rich_versions.html
matthewdunsdon · Jan 5, 2021 · 1bc203d · 1bc203d
1 parent 1aa8705
commit 1bc203d
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/core/build.gradle b/core/build.gradle
@@ -23,7 +23,7 @@ dependencies {
     implementation "com.github.javafaker:javafaker:${FAKER_VERSION}"
     implementation ('org.yaml:snakeyaml') {
         version {
-            strictly '1.26'
+            require '1.26'
         }
     }
 

diff --git a/profile/build.gradle b/profile/build.gradle
@@ -33,7 +33,7 @@ dependencies {
     implementation "com.github.javafaker:javafaker:${FAKER_VERSION}"
     implementation ('org.yaml:snakeyaml') {
         version {
-            strictly '1.26'
+            require '1.26'
         }
     }